Lucene search
K

24 matches found

OSV
OSV
added 2025/12/29 8:4 p.m.3 views

GHSA-3329-GHMP-JMV5 Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran.myeval

Summary Picklescan uses numpy.f2py.crackfortran.myeval, which is a function in numpy to execute remote pickle files. Details The attack payload executes in the following steps: - First, the attacker crafts the payload by calling the numpy.f2py.crackfortran.myeval function in its reduce method -...

8.7CVSS7.7AI score0.003EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/29 3:27 p.m.4 views

EUVD-2025-205587

Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef...

6.4AI score
Exploits0References5
OSV
OSV
added 2025/12/29 3:27 p.m.3 views

GHSA-R8G5-CGF2-4M4M Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef

Summary An unsafe deserialization vulnerability allows an attacker to execute arbitrary code on the host when loading a malicious pickle payload from an untrusted source. Details The numpy.f2py.crackfortran module exposes many functions that call eval on arbitrary strings of values. This is the...

9.3CVSS7.7AI score0.003EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/12/29 3:27 p.m.7 views

Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef

Summary An unsafe deserialization vulnerability allows an attacker to execute arbitrary code on the host when loading a malicious pickle payload from an untrusted source. Details The numpy.f2py.crackfortran module exposes many functions that call eval on arbitrary strings of values. This is the...

7.8AI score
Exploits0References5Affected Software1
Rows per page
Query Builder